Infusionsoft is a CRM that offers clients sales and marketing capabilities. But as a healthcare organization, you must ensure that the tools you use are HIPAA compliant. Is Infusionsoft HIPAA compliant? The answer is discussed below.
Is Infusionsoft HIPAA Compliant: Security Measures
An important aspect of determining whether or not a software provider is HIPAA compliant are their security measures. Healthcare organizations have an obligation to ensure the confidentiality, integrity, and availability of protected health information (PHI). PHI security is accomplished by implementing safeguards to prevent unauthorized use or disclosure.
Infusionsoft enables PHI security through their privacy settings. However, their “HIPAA Security Controls” feature must be enabled by the end user. To enable this setting, users navigate to Admin > Settings > Privacy & Compliance.
Then move the toggle so that it displays “enabled.”
Is Infusionsoft HIPAA Compliant: Business Associate Agreements
In addition to HIPAA security measures, for a software provider to be considered HIPAA compliant, they must be willing to sign a business associate agreement (BAA). This is because software providers are considered business associates under HIPAA as they create, receive, transmit, store, or maintain PHI on behalf of their clients.
Infusionsoft is willing to sign a BAA with their healthcare clients.
You can find Infusionsoft’s BAA here.
Users must complete the required fields, and sign the BAA. Once signed, users will receive a verification email from Adobe Sign. To ensure HIPAA compliance, users must keep a copy of the signed BAA in their records.
Is Infusionsoft HIPAA Compliant?
Is Infusionsoft HIPAA compliant? Yes, provided that users enable the”HIPAA Security Controls” feature, and have a signed BAA. Additionally, Infusionsoft must be used in accordance with HIPAA standards for it to be considered HIPAA compliant. As such, employees must be trained on the proper uses and disclosures of PHI within Infusionsoft.
